
Comment by jacquesm

10 years ago

They put their customers in charge of the company? This gets weirder all the time. The problem is that they asked their customers in the first place. They should have simply communicated the fact that they would be under attack shortly and indicated that they would never ever pay a red cent.

That would give their customers time to batten the hatches and/or migrate off the system for the time being while sending a clear signal that they would not pay anyway.

This is a tough situation to be in but putting your customers in control of the company (and in a democratic way no less) is not the solution. What about those customers that decided (rightly imo) against paying?

Companies such as these should have an up-front item in their terms of service indicating that they would never pay a ransom, that way they would be clear to both their customers and their potential attackers.

"This was a collective decision taken by all impacted companies"

I think they were put under pressure by other companies using the same ISP, not their customers.

  • That's even weirder. They have obligations to their customers not to their neighbors in the same DC, that's the territory of whoever handles their hosting.

    • The datacenter is not going to be happy if they are offline due to attacks targeting one of their customers. The datacenter has an obligation to their customers, and if that means cutting off ProtonMail so that other customers stay online, then that's what the datacenter has to do. Then, ProtonMail is under pressure to pay the ransom fee to avoid having services terminated by the datacenter.


    • > that's the territory of whoever handles their hosting.

      Yes. And what does a provider do when a customer is getting hit so hard by a DDoS that it is pushing their other customers offline? They blackhole the target at their upstream (usually starting on a per-IP basis, but that will widen as the attacker shifts the target).

      So... most likely, the ISP said "if this continues, we will need to finish the job and shut you off" - which is what every other ISP is going to do in the case of an attack that is large enough to knock the ISP in question offline.

      Check out the legalese on your hosting contract; everyone reserves the right to dump you as a customer in these sorts of cases.


    • Would those obligations be spelled out in the contract for data centre services?

      I'm interested in whether the ISPs have any form of protection against the disruption caused by a customer of a shared service coming under a criminal attack of this kind.

ProtonMail can't be trusted with any decisions about its business going forward, no matter how good their service (of which I still have doubts anyway). I mean, who knows what kind of compromises they will make next if they get "pressured" by the government or whoever to put a backdoor in their service.

  • I always find that the best way to make a decision about who to trust is on the basis of a brief article by a third party that, in a 2 minute read, covers high pressure events that spanned many hours. Even better if you throw in some highly informed opinions by random people in an online community. It's a very reliable way to decide on important things like trust.